« Internet Intrusions: Global Characteristics and Prevalence | Main | Analyze the Worm-based Attack in Large Scale P2P Networks »
Analyzing the Spread of Active Worms over VANET
This is the first paper of it's kind that I've seen. It marries traditional epidemic spreading models together with network threat modeling to achieve a new, very relevant analysis. Make sure you look at this Slashdot story, Lexus Computers Infected Via Bluetooth, for just how serious a threat this can be.
Source: Analyzing the Spread of Active Worms over VANET, Syed A. Khayam and Hayder Radha.Interactive communications among nodes in Vehicular Ad Hoc Networks (VANET) and the safety-oriented nature of many VANET applications necessitate a robust security framework. An active worm over VANET can, in addition to the well-known threats to information confidentiality, integrity and service availability, pose a whole new class of trafficrelated threats (ranging from congestion to large-scale accidents). This paper investigates the parameters governing the spread of active worms over VANET. To this end, we first define the average effective distance between two VANET vehicles using parameters of freeway traffic (such as velocity, time lag, number of lanes and traffic density). This effective distance measure is then used to describe the behavior of a VANET link as a log-normal shadow fading channel. The channel model is employed to define the VANET topology as a geometric random graph. We derive an analytic expression describing the average node degree of the VANET graph. The spread of a worm over VANET is modeled using a stochastic model of infectious diseases, namely the standard Susceptible, Infected, Removed (SIR) epidemic model. We run the stochastic SIR epidemic model on the VANET graph. For both congested and low-density traffic scenarios, we derive expressions for the rate of worm spread as a function of the average degree of the graph and the patching process. Analysis is provided for: 1) preemptive patching, where the number of patched VANET nodes remains constant; 2) interactive patching, where real-time patching is performed during a worm outbreak. We demonstrate that the latter can effectively curb the spread of a VANET worm in both congested and lowdensity traffic scenarios.
March 26, 2005 in papers | Permalink
Tell others: digg submit
|
del.icio.us this
|
Reddit
Comments
I covered this a few weeks ago, seems that Lexus claim that their systems can't be 'infected' by malware using BlueTooth as an infection vector, but they may be 'affected' by such malware.
Link to my blog posting about this: http://arachnid.homeip.net/modules.php?op=modload&name=News&file=article&sid=122
Posted by: Martin Overton | Mar 26, 2005 11:30:04 AM
hey i dont think so
Posted by: mister | Jan 24, 2007 7:05:17 AM
